Hi, Any ideas why this would be failing? It's the example straight out of the documentation: host# iptables -A INPUT -m string --string 'cmd.exe' -j QUEUE iptables: No chain/target/match by that name This is on a Debian Stable box. Is it possible that "-m string" is permitted by the userspace tool but the functionality hasn't been included in the kernel? -- mors omnia vincit
